EHA
Lenovo PC/Laptop Flaws Enable Attackers to Run Arbitrary Code

Lenovo PC/Laptop Flaws Enable Attackers to Run Arbitrary Code

Lenovo has disclosed multiple BIOS security vulnerabilities affecting several vendors in their new security advisory. The potential impacts of these vulnerabilities could be information disclosure and arbitrary code execution by multiple BIOS vendors.  Moreover, the...
Konni APT Exploits WinRAR Vulnerability (CVE-2023-38831) To Attack The Digital Currency Industry

Konni APT Exploits WinRAR Vulnerability To Attack Financial & Crypto Industries

Konni, a North Korean APT group, launched the first attack against the cryptocurrency industry, exploiting a recently found WinRAR vulnerability tagged as CVE-2023-38831. According to the study, Konni's decision to focus on the cryptocurrency market was unusual;...
New Jailbreak Attacks Uncovered in LLM chatbots like ChatGPT

New Jailbreak Attacks are revealed in LLM Chatbots like ChatGPT

LLMs have reshaped content generation, making understanding jailbreak attacks and prevention techniques challenging. Surprisingly, there's a scarcity of public disclosures on countermeasures employed in chatbot services that are commercial LLM-based. A practical study has been...
QNAP Critical Flaw

QNAP Critical Flaw let Attackers to Compromise Vulnerable NAS Devices’ Security

QNAP Systems, Inc. has resolved a critical vulnerability that could be exploited by attackers to compromise vulnerable NAS devices security. The security advisory published by the company says, “An improper access control vulnerability tracked as...
iOS Zero-Day

Warning! Apple Fixes Actively Exploited iOS Zero-Day on iPhones & iPads

In an effort to ensure the safety and security of its customers, Apple has taken the necessary steps to address a potentially dangerous vulnerability that has been marked as "Zero-Day" by releasing updates for...
Most Exploited Vulnerabilities

List of Top 10 Most Exploited Vulnerabilities 2016 to 2020

Researchers from the Federal Bureau of Investigation (FBI) and the Cybersecurity, Department of Homeland Security (DHS), and Cybersecurity & Infrastructure Security Agency (CISA) have published a list of the most exploited vulnerabilities for the...
WRECK DNS

100 Million+ Devices Affected With Critical WRECK DNS Implementation Flaws

JSOF team together with Forescout Research Labs, have revealed a set of nine vulnerabilities related to Domain Name System (DNS) implementations, causing either Denial of Service (DoS) or Remote Code Execution (RCE). This vulnerability set,...
New Inception Attack Let Attackers steal Sensitive Data from all AMD Zen CPUs

New Inception Attack Let Attackers Steal Sensitive Data from all AMD Zen CPUs

Phantom Speculation and Training in Transient Execution are two novel techniques that have been identified to leak arbitrary information from all modern CPUs. A new technique called "Inception" has emerged from the combination of these...
Badloc- Microsoft Warns of Multiple Vulnerabilities that Could Affect a Wide Range of IoT and OT Devices

Badloc- Microsoft Warns of Multiple Vulnerabilities that Could Affect a Wide Range of IoT...

Security researchers at Microsoft recently uncovered a series of critical memory allocation vulnerabilities in IoT and OT devices that adversaries could exploit to bypass security controls to execute malicious code or cause a system...
QNAP Operating Systems Flaw

QNAP Operating Systems Flaw Let Attackers Launch DoS Attacks

QNAP operating systems are robust, user-friendly software platforms that power NAS and NVR devices. QNAP offers four operating systems, and here below we have mentioned them:- QTS QuTS hero QuTScloud QES Since the wide use of its operating systems...

Managed WAF

Website

Latest News